Latest Stable Version: BIND 9.20.20 (February 2026, ESV - Extended Support Version). The latest development version is 9.21.19. For production environments, use the 9.20.x ESV branch. Package versions in distribution repositories may vary.
To install BIND on Debian 13 or Ubuntu, you can follow these steps:
Open a terminal window.
Update the package list:
sudo apt update
Install the BIND DNS server package:
sudo apt install bind9
Enable and start the service:
sudo systemctl enable --now bind9
Check status:
sudo systemctl status bind9
Configure firewall (if UFW is active):
sudo ufw allow 53/tcp
sudo ufw allow 53/udp
Install BIND and utilities:
sudo dnf install bind bind-utils
Enable and start the service:
sudo systemctl enable --now named
Check status:
sudo systemctl status named
Configure firewall (firewalld):
sudo firewall-cmd --permanent --add-service=dns
sudo firewall-cmd --reload
/etc/bind/named.conf/etc/named.conf# Debian/Ubuntu
sudo systemctl status bind9
# RHEL/CentOS/Rocky/Alma
sudo systemctl status named
# Debian/Ubuntu
sudo systemctl restart bind9
# RHEL/CentOS/Rocky/Alma
sudo systemctl restart named
sudo rndc reload
# Debian/Ubuntu
sudo named-checkconf /etc/bind/named.conf
# RHEL/CentOS/Rocky/Alma
sudo named-checkconf /etc/named.conf
After installation, verify BIND is working:
Check if service is listening:
sudo ss -tulnp | grep :53
Test local DNS resolution:
dig @127.0.0.1 google.com
Check server status:
rndc status
Configure basic options in named.conf:
Create custom zone files in appropriate directories:
/etc/bind/zones/ (static) or /var/lib/bind/ (dynamic)/var/named/Set proper ownership and permissions:
# Debian/Ubuntu - static zone files
sudo chown -R root:bind /etc/bind/zones/
sudo chmod 755 /etc/bind/zones/
sudo chmod 644 /etc/bind/zones/*
# Debian/Ubuntu - dynamic zone files
sudo chown -R bind:bind /var/lib/bind/
# RHEL/CentOS
sudo chown -R root:named /var/named/
sudo chmod 755 /var/named/
sudo chmod 640 /var/named/*.zone
Prefer automation? See the following Ansible playbooks:
Prefer containers? See the following Docker guides:
See BIND Configuration for configuration guidance.
See BIND Security for hardening guidance.
If BIND fails to start:
sudo named-checkconfjournalctl -u bind9 (Debian/Ubuntu) or journalctl -u named (RHEL)Setting up DNS infrastructure can be complex. We offer consulting services for:
Contact us at office@linux-server-admin.com or visit our contact page.